]> git.mxchange.org Git - friendica.git/blob - src/Network/FKOAuthDataStore.php
projects / friendica.git / blob
? search:


0fcd01fc5c85005daf826b25dd777a4055f67c52
[friendica.git] / src / Network / FKOAuthDataStore.php
1 <?php
2 /**
3  * @file src/Protocol/FKOAuthDataStore.php
4  * OAuth server
5  * Based on oauth2-php <http://code.google.com/p/oauth2-php/>
6  *
7  */
8 namespace Friendica\Network;
9
10 use Friendica\App;
11 use Friendica\Core\Config;
12 use Friendica\Core\System;
13 use Friendica\Database\DBM;
14 use dba;
15
16 define('REQUEST_TOKEN_DURATION', 300);
17 define('ACCESS_TOKEN_DURATION', 31536000);
18
19 require_once "library/OAuth1.php";
20 require_once "library/oauth2-php/lib/OAuth2.inc";
21
22 /**
23  * @brief OAuthDataStore class
24  */
25 class FKOAuthDataStore extends OAuthDataStore
26 {
27         /**
28          * @return string
29          */
30         private static function genToken()
31         {
32                 return md5(base64_encode(pack('N6', mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), uniqid())));
33         }
34
35         /**
36          * @param string $consumer_key key
37          * @return mixed
38          */
39         public static function lookup_consumer($consumer_key)
40         {
41                 logger(__function__.":".$consumer_key);
42                 
43                 $s = dba::select('clients', array('client_id', 'pw', 'redirect_uri'), array('client_id' => $consumer_key));
44                 $r = dba::inArray($r);
45
46                 if (DBM::is_result($r)) {
47                         return new OAuthConsumer($r[0]['client_id'], $r[0]['pw'], $r[0]['redirect_uri']);
48                 }
49
50                 return null;
51         }
52
53         /**
54          * @param string $consumer   consumer
55          * @param string $token_type type
56          * @param string $token      token
57          * @return mixed
58          */
59         public static function lookup_token($consumer, $token_type, $token)
60         {
61                 logger(__function__.":".$consumer.", ". $token_type.", ".$token);
62                 
63                 $s = dba::select('tokens', array('id', 'secret', 'scope', 'expires', 'uid'), array('client_id' => $consumer->key, 'scope' => $token_type, 'id' => $token));
64                 $r = dba::inArray($s);
65
66                 if (DBM::is_result($r)) {
67                         $ot=new OAuthToken($r[0]['id'], $r[0]['secret']);
68                         $ot->scope = $r[0]['scope'];
69                         $ot->expires = $r[0]['expires'];
70                         $ot->uid = $r[0]['uid'];
71                         return $ot;
72                 }
73
74                 return null;
75         }
76
77         /**
78          * @param string $consumer  consumer
79          * @param string $token     token
80          * @param string $nonce     nonce
81          * @param string $timestamp timestamp
82          * @return mixed
83          */
84         public static function lookup_nonce($consumer, $token, $nonce, $timestamp)
85         {
86                 $r = dba::select('tokens', ['id', 'secret'], ['client_id' => $consumer->key, 'id' => $nonce, 'expires' => $timestamp], ['limit' => 1]);
87                                 
88                 if (DBM::is_result($r)) {
89                         return new OAuthToken($r[0]['id'], $r[0]['secret']);
90                 }
91
92                 return null;
93         }
94
95         /**
96          * @param string $consumer consumer
97          * @param string $callback optional, default null
98          * @return mixed
99          */
100         public static function new_request_token($consumer, $callback = null)
101         {
102                 logger(__function__.":".$consumer.", ". $callback);
103                 $key = self::genToken();
104                 $sec = self::genToken();
105
106                 if ($consumer->key) {
107                         $k = $consumer->key;
108                 } else {
109                         $k = $consumer;
110                 }
111
112                 $r = dba::insert(
113                         'tokens',
114                         array(
115                                 'id' => $key,
116                                 'secret' => $sec,
117                                 'client_id' => $k,
118                                 'scope' => 'request',
119                                 'expires' => UNIX_TIMESTAMP() + REQUEST_TOKEN_DURATION)
120                 );
121
122                 if (!$r) {
123                         return null;
124                 }
125
126                 return new OAuthToken($key, $sec);
127         }
128
129         /**
130          * @param string $token    token
131          * @param string $consumer consumer
132          * @param string $verifier optional, defult null
133          * @return object
134          */
135         public static function new_access_token($token, $consumer, $verifier = null)
136         {
137                 logger(__function__.":".$token.", ". $consumer.", ". $verifier);
138
139                 // return a new access token attached to this consumer
140                 // for the user associated with this token if the request token
141                 // is authorized
142                 // should also invalidate the request token
143
144                 $ret = null;
145
146                 // get user for this verifier
147                 $uverifier = Config::get("oauth", $verifier);
148                 logger(__function__.":".$verifier.",".$uverifier);
149
150                 if (is_null($verifier) || ($uverifier!==false)) {
151                         $key = self::genToken();
152                         $sec = self::genToken();
153                         $r = dba::insert(
154                                 'tokens',
155                                 array(
156                                         'id' => $key,
157                                         'secret' => $sec,
158                                         'client_id' => $consumer->key,
159                                         'scope' => 'access',
160                                         'expires' => UNIX_TIMESTAMP() + ACCESS_TOKEN_DURATION,
161                                         'uid' => $uverifier)
162                         );
163
164                         if ($r) {
165                                 $ret = new OAuthToken($key, $sec);
166                         }
167                 }
168
169
170                 dba::delete('tokens', array('id' => $token->key));
171
172
173                 if (!is_null($ret) && $uverifier !== false) {
174                         Config::delete("oauth", $verifier);
175                 }
176
177                 return $ret;
178         }
179 }
Unnamed repository; edit this file 'description' to name the repository.